I have 2 workflows
First runs tests and generated allure report and second builds and deploys to github pages and sends a slack notification with the link to gh pages.
I am curious, how can I get run number of the first workflow and pass it to the second workflow as ${{github.run_number}}?
I've tried to pass just ${{github.run_number}}
You can configure the first WF to trigger the second WF and pass some inputs. At first, you need to define an input in the second workflow:
name: Second workflow (deploy)
on:
workflow_dispatch:
inputs:
run_number: # Exposing the input through which we can pass the value
description: 'The run number'
required: true
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Echo the input
run: echo ${{ github.event.inputs.run_number }}
Then, you can trigger this workflow from another workflow in the following way:
name: First Workflow (report)
on:
push:
branches:
- '*'
jobs:
allure-report:
runs-on: ubuntu-latest
steps:
# ... Allure report generation steps, etc.
- name: Invoke the deploy WF
uses: benc-uk/workflow-dispatch#v1
with:
workflow: deploy.yaml
inputs: '{ "run_number": "${{ github.run_number }}" }'
In this example, I've used the Workflow Dispatch GH Action to pass the current run_number to the deploy.yml WF as an input value.
To read more about workflow inputs see the Specifying inputs and workflow_dispatch event.
I want to learn how to use a self-hosted github runner with labels. I installed a self-hosted github runner on a server and assigned it the label prj1. I then made a github project and included this .github/workflows/deploy.yml file.
name: Environment
on:
push:
branches:
- master
jobs:
p1:
runs-on: self-hosted
steps:
- run: echo "The job was automatically triggered by a ${{ github.event_name }} event." >> deploy-log.txt
When I push to master branch, my self-hosted github runner says SUCCESS. This is perfect so far.
Then I changed my .github/workflows/deploy.yml to include a label like this:
name: Environment
on:
push:
types: [prj1]
branches:
- master
jobs:
p1:
runs-on: self-hosted
steps:
- run: echo "The job was automatically triggered by a ${{ github.event_name }} event." >> deploy-log.txt
Then I pushed to master. But the github runner does not show any indication it detected anything. The github website actions says "This check was skipped". So then I tried this:
name: Environment
on:
push:
branches:
- master
jobs:
p1:
if: ${{ github.event.label.name == 'prj1' }}
runs-on: self-hosted
steps:
- run: echo "The job was automatically triggered by a ${{ github.event_name }} event." >> deploy-log.txt
Again, when i push changes to master, the git hub runner does not show any indication it detected anything. The github website actions says "This check was skipped".
How do I get my self-hosted runner to deploy a project only on jobs with label prj1?
FOund the answer on : https://docs.github.com/en/actions/hosting-your-own-runners/using-self-hosted-runners-in-a-workflow#using-custom-labels-to-route-jobs
Basically I can use the runs-on to specify which label. SO my yml file looks liek this now
name: Environment
on:
push:
branches:
- master
jobs:
p1:
runs-on: prj1
steps:
- run: echo "The job was automatically triggered by a ${{ github.event_name }} event." >> deploy-log.txt
This means on self-hosted github runners tagged with prj1 will run the job.
I need help figuring something, I am trying to trigger 2 different workflows based on 2 different release tags. I want prod-* to trigger the production workflow and dev-* for the development workflow.
The problem is both tags trigger both workflows and I have no idea how to fix this
(I've canceled both actions but they triggered as you can see)
The tags element is not valid for release events. In consequence, the workflow is triggered for every release event of type published no matter the tag. There is no direct filter for tags with the release event as there is for push and pull_request events.
So you can leverage the if conditional on jobs in combination with the github.ref in the context which contains the tag of the release.
name: Deploy
on:
release:
types: [published]
jobs:
deploy-dev:
name: Deploy to development
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/dev-')
steps:
# [...]
deploy-prod:
name: Deploy to production
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/prod-')
steps:
# [...]
The published trigger is used in both cases here (independently of the tag), because your workflow will start for published OR tags (with the informed pattern) events.
To perform an operation only for a specific tag, you would have to extract the tag version from the $GITHUB_REF (env-var), for example using a step as below with an output in a first job:
- name: Get the version
id: get_tag_version
run: echo ::set-output name=version::${GITHUB_REF/refs\/tags\//}
And then use an if condition on 2 others jobs to check if the tag version contains prod- or dev- (needing the first job) to perform the operation you want for each scenario.
Here is an complete example of what could be used:
name: Example
on:
release:
types: [published]
jobs:
job1:
runs-on: ubuntu-latest
outputs:
tag_version: ${{ steps.get_tag_version.outputs.version }}
steps:
- name: Get the version
id: get_tag_version
run: echo ::set-output name=version::${GITHUB_REF/refs\/tags\//}
job2: # will be executed on for dev- tag
runs-on: ubuntu-latest
needs: [job1]
if: contains( needs.job1.outputs.tag_version , 'dev-')
steps:
[...]
job3: # will be executed on for prod- tag
runs-on: ubuntu-latest
needs: [job1]
if: contains( needs.job1.outputs.tag_version , 'prod-')
steps:
[...]
I coded a workflow to test the implementation above and it worked as expected creating a prod-2 release tag:
workflow file implementation
workflow run
EDIT: Note that you could also use a startWith instead of a contains function for the if expression.
I have two workflows: CI (for continuous integration) and CD (for continuous delivery). Both are working fine individually. My goal is to run the CD workflow only when:
A new tag like v1.1.1 is created on the master branch
The CI workflow is finished
To achieve my goal I'm using the workflow_run event. These are the snippets of my workflows files:
ci.yml:
name: CI
on:
push:
tags: v[1-9]+.[0-9]+.[0-9]+
pull_request:
branches: [develop, hotfix*]
cd.yml
name: CD
on:
workflow_run:
workflows: [CI]
branches: [master]
types:
- completed
The current behavior is: when a tag is created in the master branch only the CI workflow run. I've tried putting tags: v[1-9]+.[0-9]+.[0-9]+ in the workflow_run but the behavior is the same.
My question is: how can I achieve my goal? Is it possible?
According to docs you can only use branches option and not tags for workflow_run so I'm afraid that's why your current setting doesn't work.
You have some alternatives though:
You can turn your CD workflow into action and run it as part of your CI with condition:
.github/actiond/cd/action.yml:
name: CD
description: Run CD
runs:
using: composite
steps:
- run: echo "Success!"
shell: bash
CI:
name: CI
on:
push:
tags: v[1-9]+.[0-9]+.[0-9]+
pull_request:
branches: [develop, hotfix*]
jobs:
sucess:
name: Log success
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- run: echo "Success!"
- name: Run CD
if: github.event_name == 'push' && contains(github.event.ref, '/tags/')
uses: ./.github/actions/cd
Have it as a separate job that is dependant on CI job using needs option
Converting it to action makes for better encapsulation IMO although requires some work.
You need to put "" around the name of the triggering workflow in cd.yml:
name: CD
on:
workflow_run:
workflows: ["CI"]
I'm relatively new to GitHub Actions and I have 2 jobs–one that runs my tests, and one that deploys my project onto a server.
Obviously I want the tests to run on every branch, but deploying should only happen when something gets pushed to master.
I'm struggling to find a way to run a job on a specific branch. I know it's possible to only run entire workflows on a specific branch, however that would mean I would have a "test" workflow and a "deploy" workflow.
This sounds like a solution, however they would run parallel. In an ideal world, the tests would run first, and only if they succeed, then the deploy job would start. This isn't the case when using 2 separate workflows.
How would I be able to achieve this? Is it possible to run jobs on a specific branch?
In a recent update you can now put if conditionals at job level. See the documentation here. https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idif
I tested this workflow which runs the job test on every push, but only runs deploy on the master branch.
name: my workflow
on: push
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Execute tests
run: exit 0
deploy:
runs-on: ubuntu-latest
needs: test
if: github.ref == 'refs/heads/master'
steps:
- name: Deploy app
run: exit 0
What follows is my original answer, and an alternative solution if you prefer to have separate workflows.
The first workflow runs for every branch except master. In this workflow you run tests only.
on:
push:
branches:
- '*'
- '!master'
The second workflow runs for just master and runs both your tests and deploys if the tests were successfully passed.
on:
push:
branches:
- master
Most answers provide a solution for one single branch. To restrict the job to run on any specific set of branches, you can do it using the if conditional with multiple disjunction (||) operators; but this is too verbose and doesn't respect the DRY principle.
The same can be archived with less repetition using the contains function.
Using contains:
contains('
refs/heads/dev
refs/heads/staging
refs/heads/production
', github.ref)
compared to using multiple ||:
github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/production' || …
Full example:
---
on: push
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Run tests
run: …
deployment:
name: Deployment
runs-on: ubuntu-latest
needs: [test]
if:
contains('
refs/heads/dev
refs/heads/staging
refs/heads/production
', github.ref)
steps:
- uses: actions/checkout#v2
- name: Deploy
run: …
Here is what I've done for steps that should only run on a specific branch.
- name: Publish Image
# Develop branch only
if: github.ref == 'refs/heads/develop'
run: |
... publish commands ...
2021 update
I know it's possible to only run entire workflows on a specific
branch, however that would mean I would have a "test" workflow and a
"deploy" workflow.
This sounds like a solution, however they would run parallel. In an
ideal world, the tests would run first, and only if they succeed, then
the deploy job would start. This isn't the case when using 2 separate
workflows.
You can now use the event workflow_run to achieve the part the tests would run first, and only if they succeed, then the deploy job would start (read on to see how):
Documentation page of workflow_run
https://docs.github.com/en/actions/learn-github-actions/events-that-trigger-workflows#workflow_run
This event occurs when a workflow run is requested or completed, and
allows you to execute a workflow based on the finished result of
another workflow. A workflow run is triggered regardless of the result
of the previous workflow.
For example, if your pull_request workflow generates build artifacts,
you can create a new workflow that uses workflow_run to analyze the
results and add a comment to the original pull request.
Now, considering OP's initial issue:
I want the tests to run on every branch, but deploying should only happen when something gets pushed to master
This now could be solved like this:
The following setup is working, a few minutes ago I just implemented the same logic in one of my repository
Workflow <your_repo>/.github/workflows/tests.yml
name: My tests workflow
on:
push:
branches:
- master
pull_request: {}
jobs:
test:
# ... your implementation to run your tests
Workflow <your_repo>/.github/workflows/deploy.yml
name: My deploy workflow
on:
workflow_run:
workflows: My tests workflow # Reuse the name of your tests workflow
branches: master
types: completed
jobs:
deploy:
# `if` required because a workflow run is triggered regardless of
# the result of the previous workflow (see the documentation page)
if: ${{ github.event.workflow_run.conclusion == 'success' }}
# ... your implementation to deploy your project
Although this discussion is very old but recently I came across the same problem with a slight addition. if condition to check whether the branch is main works but what if someone pushes their branch and updates the workflow yml file to remove the if condition? The deploy job will get triggered without their branch even being reviewed or merged in main and could potentially break the production environment. This could be a concern in open source projects.
I couldn't find an answer for this anywhere so wanted to share my findings. I hope this is the right thread for it.
To ensure that there's no way a job is triggered except for in specific branches, environments can be used. A deploy job will most likely have some api keys to connect to the destination server that might be stored in secrets. Instead of storing them in repository secrets which are accessible globally within the repository, we should store them in respective environments.
The official docs for environments contain detailed explanation with sample scripts but sharing a simple example here. Let's say we want to run production deployment only when main is updated
From repository Settings, create a production environment
Choose Selected Branches in Deployment Branches dropdown and add main in the pattern
Add the api keys in production environment secrets
In the workflow yml we just need to add environment information environment: production as follows (using script from #peterevans's answer)
name: my workflow
on: push
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Execute tests
run: exit 0
deploy:
runs-on: ubuntu-latest
needs: test
if: github.ref == 'refs/heads/main'
environment: production
steps:
- name: Deploy app
run: exit 0
The environment information indicates where the secrets have to be read from. If the current branch name doesn't match the pattern provided in Selected Branches then the job will immediately fail with an error. Since we have a condition to only run this on main, normally that won't bother us because this job will be skipped on other branches anyways. But if someone, mistakenly or with ill intentions, modifies the yml file and removes the condition before pushing their branch, they'll get an error. So, our system remains secure at least from the threat here.
Hope this helps anyone wondering the same.
The following worked for me inside a job:
Where a PR target branch is one of the following:
if: contains(github.base_ref, 'staging')
|| contains(github.base_ref, 'production')
When the source branch of the pull request is one of them below:
if: contains(github.head_ref, 'feature')
|| contains(github.head_ref, 'release')
name: CI
on: push
jobs:
prod-check:
if: ${{ github.ref == 'refs/heads/main' }}
runs-on: ubuntu-latest
steps:
- run: echo "Deploying to production server on branch $GITHUB_REF"
According to the documentation, the if condition is wrapped like so
if: ${{ github.ref == 'refs/heads/main' }}
While you can't have conditions at job level at this moment, you can have conditions at step level - see Contexts and expression syntax for GitHub Actions.
For getting a branch name, current solution is to check GITHUB_REF environment variable - see Default environment variables and this question for details.
Putting it all together - if you decide to go with accepted answer in last link, your workflow might look like this:
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Run tests
run: ./my-tests.sh
deploy:
runs-on: ubuntu-latest
needs: test
steps:
- name: Extract branch name
shell: bash
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF##*/})"
id: extract_branch
- name: Deploy
run: ./deploy.sh
if: steps.extract_branch.outputs.branch == 'master'
If you'd rather keep everything in workflow file instead of separated script, you can always add if to each step in given job.
I hope it's just a temporary solution/workaround, and job conditions are going to be added before end of beta.
For steps or jobs you can also use github.ref_name which is the branch or tag name that triggered the workflow run.
name: my workflow
on: push
jobs:
if: github.ref_name == 'main'
test:
runs-on: ubuntu-latest
steps:
- name: Execute tests
run: exit 0
For more information about the github context check here.
You need to add these two script to the workflows
//main.yml
name: main
on:
push:
branches:
- main
//size.yml
name: size
on:
pull_request:
branches:
- main
There are already some pretty good answers. Here's a way to specify multiple branches in your conditional:
name: my workflow
on: push
jobs:
deploy:
if: contains(fromJson('["refs/heads/master", "refs/heads/main"]'), github.ref)
runs-on: ubuntu-latest
steps:
- name: Execute tests
run: exit 0
2022
Below workflow runs only for push in main branch:
name: Distribute to Firebase
on:
push:
branches: [ main ]
jobs:
...